by Ivan Sorkin | Mar 18, 2026 | Themes
Attack Vectors CVE-2025-60125 is a Medium-severity issue (CVSS 5.3, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) affecting the FoodBook WordPress theme (slug: foodbook) in versions 4.7.6 and below. It is described as an Unauthenticated Sensitive Information Exposure...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2025-58001 is a Medium severity vulnerability (CVSS 6.4) affecting the Compact Archives WordPress plugin (compact-archives) in versions 4.1.0 and below. It is an authenticated Stored Cross-Site Scripting (XSS) issue, meaning an attacker must have a...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors Bonus for Woo (slug: bonus-for-woo) versions up to and including 7.6.6 are affected by an insufficient input validation issue (CVE-2025-58835) with a Medium severity rating (CVSS 5.3). Based on the published scoring vector (AV:N/AC:L/PR:N/UI:N), the...
by Ivan Sorkin | Mar 18, 2026 | Themes
Attack Vectors CVE-2025-32311 is a Medium-severity Reflected Cross-Site Scripting (XSS) issue affecting the Pressroom – News Magazine WordPress Theme (slug: pressroom) in versions <= 7.0. It can be exploited by unauthenticated attackers over the network (CVSS...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2025-39493 affects the Rankie – WordPress Rank Tracker Plugin (slug: valvepress-rankie) in versions prior to 1.8.2. The issue is a missing authorization (capability) check on a plugin function, which means an attacker who can log in as a...
Recent Comments